Directory Enumeration Vulnerability in Oracle Products
CVE-2023-23951

6.1MEDIUM

Key Information:

Vendor

Broadcom
Status
Symantec Identity Management And Governance
Vendor
CVE Published:
26 January 2023

What is CVE-2023-23951?

This vulnerability allows unauthorized users to enumerate Oracle LDAP attributes related to the currently authenticated user by altering the application's query. Such manipulation can lead to exposure of sensitive user information, potentially compromising user privacy and data security. Organizations using affected versions of Oracle LDAP should take immediate action to assess their risk and implement necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Symantec Identity Management And Governance 14.3, 14.4.1, 14.4.2

References

https://support.broadcom.com/external/content/SecurityAdv...

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.